CVE-2005-2701 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2005-2701
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-2701

Description: Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/22373 UBUNTU http://www.ubuntu.com/usn/usn-200-1 SUSE http://www.novell.com/linux/security/advisories/2005_58_mozilla.html ST 1014954 SCO SAID Secunia Advisory: SA17014 Secunia Advisory: SA16977 Secunia Advisory: SA17026 Secunia Advisory: SA17263 Secunia Advisory: SA17284 Secunia Advisory: SA17149 Secunia Advisory: SA16911 Secunia Advisory: SA16917 REDHAT http://www.redhat.com/support/errata/RHSA-2005-789.html http://www.redhat.com/support/errata/RHSA-2005-785.html OVAL http://oval.mitre.org/oval/definitions/data/oval1480.html OSVDB 19643 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2005:174 http://www.mandriva.com/security/advisories?name=MDKSA-2005:169 http://www.mandriva.com/security/advisories?name=MDKSA-2005:170 FEDORA http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html DEBIAN http://www.debian.org/security/2005/dsa-866 http://www.debian.org/security/2005/dsa-838 http://www.debian.org/security/2005/dsa-868 CONFIRM http://www.mozilla.org/security/announce/mfsa2005-58.html BID 15495 14916

Return to the previous page.